Thread: [mod-security-users] Mod Security issue
Brought to you by:
victorhora,
zimmerletw
From: Yair <hac...@gm...> - 2005-06-03 11:02:33
|
Hi! I'm using FC2 (apache 1.3) with mod_security, I wanted to ask if there is a way to "block" words via mod_security. For example: If somebody make a post with a board that is hosted on my server with the word "wget" or "su root" then it will redirect the page to abuse.*my domain*.com (but for every site, html / php ). Thanks, Yair |
From: Ivan R. <iv...@we...> - 2005-06-06 15:47:47
|
Yair wrote: > Hi! > > I'm using FC2 (apache 1.3) with mod_security, I wanted to ask if there > is a way to "block" words via mod_security. Yes, there is. You'll find more information in the manual. Also, you can look at the example rules distributed with mod_security, the converted Snort rules, or the rules available elsewhere: http://www.gotroot.com/mod_security+rules http://www.infiltrated.net/modsecrules mod_security rule generator: http://leavesrustle.com/tools/modsecurity/ > For example: > > If somebody make a post with a board that is hosted on my server with > the word "wget" or "su root" then it will redirect the page to abuse.*my > domain*.com (but for every site, html / php ). Sure, but FYI if you are running a forum of some kind it is usually difficult to distinguish such attacks from people discussing Unix tools. -- Ivan Ristic Apache Security (O'Reilly) - http://www.apachesecurity.net Open source web application firewall - http://www.modsecurity.org |